Sign in with Microsoft (OAuth code)
OAuth & Sessions
Microsoft OAuth Sign-in
Exchange Microsoft OAuth authorization code for user profile and issue a session token. If the user does not exist, a new user is created.
GET
Sign in with Microsoft (OAuth code)
Exchange Microsoft OAuth authorization code for user profile and issue a session token. If the user does not exist, a new user is created.
Request
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| code | string | Yes | Authorization code returned by Microsoft’s OAuth flow |
Response
200 OK - Successful sign-in
Returns user, token and profile picture.400 Bad Request
500 Internal Server Error
Example
Notes
- The authorization code must be obtained from Microsoft’s OAuth 2.0 flow
- If the user doesn’t exist in the system, a new user account will be created
- The returned token should be stored securely and used for subsequent authenticated requests
- The profile picture may be returned as base64 data or a URL depending on implementation
- Token expiration time is typically 24 hours
OAuth Flow
- Redirect user to Microsoft’s OAuth consent screen
- User authorizes the application
- Microsoft redirects back with authorization code
- Exchange the code for access token and user profile using this endpoint